The original update provided in DSA 1214-1 was insufficient; this updatecorrects this. For reference the original advisory below:

Renaud Lifchitz discovered that gv, the PostScript and PDF viewer for X,performs insufficient boundary checks in the Postscript parsing code,which allows the execution of arbitrary code through a buffer overflow.

For the stable distribution (sarge) this problem has been fixed inversion 3.6.1-10sarge2.

For the upcoming stable distribution (etch) this problem has beenfixed in version 3.6.2-2.

For the unstable distribution (sid) this problem has been fixed inversion 3.6.2-2.

We recommend that you upgrade your gv package.

Upgrade Instructions- --------------------

wget url will fetch the file for youdpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line forsources.list as given below: